
feat: setting up tproxy configure

v1.x.x
dnomd343 2 years ago
parent
commit
ff1eb74e5c
  1. 1
      src/config.go
  2. 14
      src/load.go
  3. 6
      src/main.go
  4. 31
      src/network.go
  5. 4
      test.yml

1
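--- a/src/config.go
+++ b/src/config.go
@@ -86,6 +86,7 @@ func loadConfig(rawConfig []byte) {
 }
 log.Info("DNS server -> ", dnsServer)
+// TODO: load basic bypass -> ip -4/6 addr | grep -w "inet(6)" | awk '{print $2}'
 for _, address := range config.Network.ByPass { // bypass options
 if isIPv4(address, true) {
 v4Bypass = append(v4Bypass, address)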

14
src/load.go

@ -138,7 +138,7 @@ func saveConfig(configDir string, caption string, content string, overwrite bool
} }
} }
func loadHttpProxy(tag string, port int, sniffObject sniffSettings) interface{} { func loadHttpConfig(tag string, port int, sniffObject sniffSettings) interface{} {
type empty struct{} type empty struct{}
return inboundSettings{ return inboundSettings{
Tag: tag, Tag: tag,
@ -150,7 +150,7 @@ func loadHttpProxy(tag string, port int, sniffObject sniffSettings) interface{}
} }
} }
func loadSocksProxy(tag string, port int, sniffObject sniffSettings) interface{} { func loadSocksConfig(tag string, port int, sniffObject sniffSettings) interface{} {
type empty struct{} type empty struct{}
type socksSettings struct { type socksSettings struct {
UDP bool `json:"udp"` UDP bool `json:"udp"`
@ -165,7 +165,7 @@ func loadSocksProxy(tag string, port int, sniffObject sniffSettings) interface{}
} }
} }
func loadTProxy(tag string, port int, sniffObject sniffSettings) interface{} { func loadTProxyConfig(tag string, port int, sniffObject sniffSettings) interface{} {
type tproxySettings struct { type tproxySettings struct {
Network string `json:"network"` Network string `json:"network"`
FollowRedirect bool `json:"followRedirect"` FollowRedirect bool `json:"followRedirect"`
@ -208,13 +208,13 @@ func loadProxy(configDir string, exposeDir string) {
RouteOnly: !enableRedirect, RouteOnly: !enableRedirect,
DestOverride: []string{"http", "tls"}, DestOverride: []string{"http", "tls"},
} }
inboundsObject.Inbounds = append(inboundsObject.Inbounds, loadTProxy("tproxy", v4TProxyPort, sniffObject)) inboundsObject.Inbounds = append(inboundsObject.Inbounds, loadTProxyConfig("tproxy", v4TProxyPort, sniffObject))
inboundsObject.Inbounds = append(inboundsObject.Inbounds, loadTProxy("tproxy6", v6TProxyPort, sniffObject)) inboundsObject.Inbounds = append(inboundsObject.Inbounds, loadTProxyConfig("tproxy6", v6TProxyPort, sniffObject))
for tag, port := range httpInbounds { for tag, port := range httpInbounds {
inboundsObject.Inbounds = append(inboundsObject.Inbounds, loadHttpProxy(tag, port, sniffObject)) inboundsObject.Inbounds = append(inboundsObject.Inbounds, loadHttpConfig(tag, port, sniffObject))
} }
for tag, port := range socksInbounds { for tag, port := range socksInbounds {
inboundsObject.Inbounds = append(inboundsObject.Inbounds, loadSocksProxy(tag, port, sniffObject)) inboundsObject.Inbounds = append(inboundsObject.Inbounds, loadSocksConfig(tag, port, sniffObject))
} }
for _, addon := range addOnInbounds { for _, addon := range addOnInbounds {
inboundsObject.Inbounds = append(inboundsObject.Inbounds, addon) inboundsObject.Inbounds = append(inboundsObject.Inbounds, addon)

6
src/main.go

@ -6,6 +6,9 @@ import (
) )
var logLevel = "warning" var logLevel = "warning"
var v4RouteTable = 100
var v6RouteTable = 106
var v4TProxyPort = 7288 var v4TProxyPort = 7288
var v6TProxyPort = 7289 var v6TProxyPort = 7289
@ -29,5 +32,6 @@ func main() {
// TODO: load geo assets // TODO: load geo assets
//loadDns() //loadDns()
loadNetwork() //loadNetwork()
loadTProxy()
} }

31
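--- a/src/network.go
+++ b/src/network.go
@@ -3,6 +3,7 @@ package main
 import (
 log "github.com/sirupsen/logrus"
 "os"
+"strconv"
 )
 func loadDns() {
@@ -47,3 +48,33 @@ func loadNetwork() {
 runCommand([]string{"ip", "-6", "route", "add", "default", "via", v6Gateway})
 }
 }
+func loadTProxy() {
+log.Info("Setting up TProxy of IPv4")
+v4TableNum := strconv.Itoa(v4RouteTable)
+runCommand([]string{"ip", "-4", "rule", "add", "fwmark", "1", "table", v4TableNum})
+runCommand([]string{"ip", "-4", "route", "add", "local", "0.0.0.0/0", "dev", "lo", "table", v4TableNum})
+runCommand([]string{"iptables", "-t", "mangle", "-N", "XPROXY"})
+for _, cidr := range v4Bypass {
+runCommand([]string{"iptables", "-t", "mangle", "-A", "XPROXY", "-d", cidr, "-j", "RETURN"})
+}
+runCommand([]string{"iptables", "-t", "mangle", "-A", "XPROXY", "-p", "tcp", "-j", "TPROXY",
+"--on-port", strconv.Itoa(v4TProxyPort), "--tproxy-mark", "1"})
+runCommand([]string{"iptables", "-t", "mangle", "-A", "XPROXY", "-p", "udp", "-j", "TPROXY",
+"--on-port", strconv.Itoa(v4TProxyPort), "--tproxy-mark", "1"})
+runCommand([]string{"iptables", "-t", "mangle", "-A", "PREROUTING", "-j", "XPROXY"})
+log.Info("Setting up TProxy of IPv6")
+v6TableNum := strconv.Itoa(v6RouteTable)
+runCommand([]string{"ip", "-6", "rule", "add", "fwmark", "1", "table", v6TableNum})
+runCommand([]string{"ip", "-6", "route", "add", "local", "::/0", "dev", "lo", "table", v6TableNum})
+runCommand([]string{"ip6tables", "-t", "mangle", "-N", "XPROXY6"})
+for _, cidr := range v6Bypass {
+runCommand([]string{"ip6tables", "-t", "mangle", "-A", "XPROXY6", "-d", cidr, "-j", "RETURN"})
+}
+runCommand([]string{"ip6tables", "-t", "mangle", "-A", "XPROXY6", "-p", "tcp", "-j", "TPROXY",
+"--on-port", strconv.Itoa(v6TProxyPort), "--tproxy-mark", "1"})
+runCommand([]string{"ip6tables", "-t", "mangle", "-A", "XPROXY6", "-p", "udp", "-j", "TPROXY",
+"--on-port", strconv.Itoa(v6TProxyPort), "--tproxy-mark", "1"})
+runCommand([]string{"ip6tables", "-t", "mangle", "-A", "PREROUTING", "-j", "XPROXY6"})
+}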
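Review bot: In loadTProxy every `ip`/`iptables`/`ip6tables` step goes through runCommand with no result checked, so a failed step leaves a partial rule set: if `-N XPROXY` or one of the `-d cidr -j RETURN` bypass rules fails, the TPROXY rules and the `PREROUTING` jump are still appended and traffic to a destination that was meant to bypass is diverted to the proxy port. runCommand is defined outside this page, so whether it returns or only logs an error is not visible here; if it does return one, loadTProxy should stop at the first failure before adding the jump. The setup is also not re-runnable, since a second start fails on `-N` and appends duplicate `-A` rules and `ip rule` entries; flushing right after creation, `runCommand([]string{"iptables", "-t", "mangle", "-F", "XPROXY"})` and the same for `ip6tables`/`XPROXY6`, covers the chain part. The mark `"1"` is repeated six times across the rule and `--tproxy-mark` arguments and would be easier to keep in sync as one named value beside `v4RouteTable`.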

4
test.yml

@ -27,5 +27,7 @@ network:
address: fc00::2/64 address: fc00::2/64
bypass: bypass:
- 169.254.0.0/16 - 169.254.0.0/16
- fc00::/7
- 224.0.0.0/3 - 224.0.0.0/3
- fc00::/7
- fe80::/10
- ff00::/8
